Search CVE reports
201 – 210 of 40097 results
A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet.
1 affected package
dnsmasq
| Package | 20.04 LTS |
|---|---|
| dnsmasq | Fixed |
A Denial of Service (DoS) vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet.
1 affected package
dnsmasq
| Package | 20.04 LTS |
|---|---|
| dnsmasq | Fixed |
dnsmasqs extract_name() function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS.
1 affected package
dnsmasq
| Package | 20.04 LTS |
|---|---|
| dnsmasq | Fixed |
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in...
157 affected packages
linux, linux-aws, linux-aws-5.15, linux-aws-5.4, linux-aws-hwe...
| Package | 20.04 LTS |
|---|---|
| linux | Needs evaluation |
| linux-aws | Needs evaluation |
| linux-aws-5.15 | Needs evaluation |
| linux-aws-5.4 | Not in release |
| linux-aws-hwe | Not in release |
| linux-azure | Needs evaluation |
| linux-azure-4.15 | Not in release |
| linux-azure-5.15 | Needs evaluation |
| linux-azure-5.4 | Not in release |
| linux-azure-fde-5.15 | Needs evaluation |
| linux-bluefield | Needs evaluation |
| linux-gcp | Needs evaluation |
| linux-gcp-4.15 | Not in release |
| linux-gcp-5.15 | Needs evaluation |
| linux-gcp-5.4 | Not in release |
| linux-hwe | Not in release |
| linux-hwe-5.15 | Needs evaluation |
| linux-hwe-5.4 | Not in release |
| linux-ibm | Needs evaluation |
| linux-ibm-5.15 | Needs evaluation |
| linux-ibm-5.4 | Not in release |
| linux-intel-iotg-5.15 | Needs evaluation |
| linux-iot | Needs evaluation |
| linux-kvm | Needs evaluation |
| linux-lowlatency-hwe-5.15 | Needs evaluation |
| linux-lts-xenial | Not in release |
| linux-nvidia-tegra-5.15 | Needs evaluation |
| linux-oracle | Needs evaluation |
| linux-oracle-5.15 | Needs evaluation |
| linux-oracle-5.4 | Not in release |
| linux-raspi | Needs evaluation |
| linux-raspi-5.4 | Not in release |
| linux-riscv-5.15 | Needs evaluation |
| linux-hwe-5.8 | Ignored |
| linux-hwe-5.11 | Ignored |
| linux-hwe-5.13 | Ignored |
| linux-hwe-5.19 | Not in release |
| linux-hwe-6.2 | Not in release |
| linux-hwe-6.5 | Not in release |
| linux-hwe-6.8 | Not in release |
| linux-hwe-6.11 | Not in release |
| linux-hwe-6.14 | Not in release |
| linux-hwe-6.17 | Not in release |
| linux-hwe-edge | Not in release |
| linux-allwinner-5.19 | Not in release |
| linux-aws-5.0 | Not in release |
| linux-aws-5.3 | Not in release |
| linux-aws-5.8 | Ignored |
| linux-aws-5.11 | Ignored |
| linux-aws-5.13 | Ignored |
| linux-aws-5.19 | Not in release |
| linux-aws-6.2 | Not in release |
| linux-aws-6.5 | Not in release |
| linux-aws-6.8 | Not in release |
| linux-aws-6.14 | Not in release |
| linux-aws-6.17 | Not in release |
| linux-azure-5.3 | Not in release |
| linux-azure-5.8 | Ignored |
| linux-azure-5.11 | Ignored |
| linux-azure-5.13 | Ignored |
| linux-azure-5.19 | Not in release |
| linux-azure-6.2 | Not in release |
| linux-azure-6.5 | Not in release |
| linux-azure-6.8 | Not in release |
| linux-azure-6.11 | Not in release |
| linux-azure-6.14 | Not in release |
| linux-azure-6.17 | Not in release |
| linux-azure-fde | Ignored |
| linux-azure-fde-5.19 | Not in release |
| linux-azure-fde-6.2 | Not in release |
| linux-azure-fde-6.8 | Not in release |
| linux-azure-fde-6.14 | Not in release |
| linux-azure-fde-6.17 | Not in release |
| linux-azure-nvidia | Not in release |
| linux-azure-nvidia-6.14 | Not in release |
| linux-azure-edge | Not in release |
| linux-fips | Not in release |
| linux-aws-fips | Not in release |
| linux-azure-fips | Not in release |
| linux-gcp-fips | Not in release |
| linux-gcp-5.3 | Not in release |
| linux-gcp-5.8 | Ignored |
| linux-gcp-5.11 | Ignored |
| linux-gcp-5.13 | Ignored |
| linux-gcp-5.19 | Not in release |
| linux-gcp-6.2 | Not in release |
| linux-gcp-6.5 | Not in release |
| linux-gcp-6.8 | Not in release |
| linux-gcp-6.11 | Not in release |
| linux-gcp-6.14 | Not in release |
| linux-gcp-6.17 | Not in release |
| linux-gke | Ignored |
| linux-gke-4.15 | Not in release |
| linux-gke-5.4 | Not in release |
| linux-gke-5.15 | Ignored |
| linux-gkeop | Ignored |
| linux-gkeop-5.4 | Not in release |
| linux-gkeop-5.15 | Ignored |
| linux-ibm-6.8 | Not in release |
| linux-intel-5.13 | Ignored |
| linux-intel-iotg | Not in release |
| linux-intel-iot-realtime | Not in release |
| linux-lowlatency | Not in release |
| linux-lowlatency-hwe-5.19 | Not in release |
| linux-lowlatency-hwe-6.2 | Not in release |
| linux-lowlatency-hwe-6.5 | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release |
| linux-lowlatency-hwe-6.11 | Not in release |
| linux-nvidia | Not in release |
| linux-nvidia-6.2 | Not in release |
| linux-nvidia-6.5 | Not in release |
| linux-nvidia-6.8 | Not in release |
| linux-nvidia-6.11 | Not in release |
| linux-nvidia-lowlatency | Not in release |
| linux-nvidia-tegra | Not in release |
| linux-nvidia-tegra-igx | Not in release |
| linux-oracle-5.0 | Not in release |
| linux-oracle-5.3 | Not in release |
| linux-oracle-5.8 | Ignored |
| linux-oracle-5.11 | Ignored |
| linux-oracle-5.13 | Ignored |
| linux-oracle-6.5 | Not in release |
| linux-oracle-6.8 | Not in release |
| linux-oracle-6.14 | Not in release |
| linux-oracle-6.17 | Not in release |
| linux-oem | Not in release |
| linux-oem-5.6 | Ignored |
| linux-oem-5.10 | Ignored |
| linux-oem-5.13 | Ignored |
| linux-oem-5.14 | Ignored |
| linux-oem-5.17 | Not in release |
| linux-oem-6.0 | Not in release |
| linux-oem-6.1 | Not in release |
| linux-oem-6.5 | Not in release |
| linux-oem-6.8 | Not in release |
| linux-oem-6.11 | Not in release |
| linux-oem-6.14 | Not in release |
| linux-oem-6.17 | Not in release |
| linux-raspi2 | Ignored |
| linux-raspi-realtime | Not in release |
| linux-realtime | Not in release |
| linux-realtime-6.8 | Not in release |
| linux-realtime-6.14 | Not in release |
| linux-riscv | Ignored |
| linux-riscv-5.8 | Ignored |
| linux-riscv-5.11 | Ignored |
| linux-riscv-5.19 | Not in release |
| linux-riscv-6.5 | Not in release |
| linux-riscv-6.8 | Not in release |
| linux-riscv-6.14 | Not in release |
| linux-riscv-6.17 | Not in release |
| linux-starfive-5.19 | Not in release |
| linux-starfive-6.2 | Not in release |
| linux-starfive-6.5 | Not in release |
| linux-xilinx | Not in release |
| linux-xilinx-zynqmp | Needs evaluation |
| linux-realtime-6.17 | Not in release |
A vulnerability was detected in WebAssembly Binaryen up to 117. This issue affects the function IRBuilder::makeBrOn of the file src/wasm/wasm-ir-builder.cpp of the component BrOn Parser. Performing a manipulation results in...
1 affected package
binaryen
| Package | 20.04 LTS |
|---|---|
| binaryen | Needs evaluation |
In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of service via moderately sized crafted XML input.
23 affected packages
ayttm, cableswig, cadaver, coin3, gdcm...
| Package | 20.04 LTS |
|---|---|
| ayttm | — |
| cableswig | — |
| cadaver | Needs evaluation |
| coin3 | Not affected |
| gdcm | Not affected |
| insighttoolkit4 | Needs evaluation |
| libxmltok | Needs evaluation |
| matanza | Ignored |
| smart | — |
| swish-e | Needs evaluation |
| tdom | Needs evaluation |
| vnc4 | — |
| vtk | — |
| wbxml2 | Needs evaluation |
| xmlrpc-c | Needs evaluation |
| expat | Needs evaluation |
| apache2 | Not affected |
| apr-util | Not affected |
| cmake | Not affected |
| ghostscript | Not affected |
| texlive-bin | Not affected |
| firefox | — |
| thunderbird | — |
In PHP versions 8.4.* before 8.4.21 and 8.5.* before 8.5.6, DOMNode::C14N()Â method may process the XML data incorrectly, causing a circular linked list in the data structure representing the XML document. This may cause subsequent...
7 affected packages
php7.2, php5, php7.0, php7.4, php8.1...
| Package | 20.04 LTS |
|---|---|
| php7.2 | — |
| php5 | — |
| php7.0 | — |
| php7.4 | Needs evaluation |
| php8.1 | — |
| php8.3 | — |
| php8.4 | — |
In PHP versions 8.4.* before 8.4.21 and 8.5.* before 8.5.6, when an encoding name containing an embedded NUL byte is passed to mb_convert_encoding() or related mbstring functions, the code incorrectly assumes that...
7 affected packages
php5, php7.0, php7.2, php7.4, php8.1...
| Package | 20.04 LTS |
|---|---|
| php5 | — |
| php7.0 | — |
| php7.2 | — |
| php7.4 | Needs evaluation |
| php8.1 | — |
| php8.3 | — |
| php8.4 | — |
In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the metaphone() function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input...
7 affected packages
php5, php7.0, php7.2, php7.4, php8.1...
| Package | 20.04 LTS |
|---|---|
| php5 | — |
| php7.0 | — |
| php7.2 | — |
| php7.4 | Needs evaluation |
| php8.1 | — |
| php8.3 | — |
| php8.4 | — |
In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which checks the wrong variable in case of...
7 affected packages
php8.1, php5, php7.0, php7.2, php7.4...
| Package | 20.04 LTS |
|---|---|
| php8.1 | — |
| php5 | — |
| php7.0 | — |
| php7.2 | — |
| php7.4 | Needs evaluation |
| php8.3 | — |
| php8.4 | — |